package com.margo.project.security.config;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;
/**
 * Spring security权限不足处理类
 * 	只有登录后（即接口有传token）接口权限不足才会进入AccessDeniedHandler，
 * 	如果是未登陆或者会话超时等，不会触发AccessDeniedHandler，而是会直接跳转到登陆页面。
 */
@Component
public class MargoAccessDeniedHandler implements AccessDeniedHandler{

	@Override
	public void handle(HttpServletRequest request, HttpServletResponse response,
			org.springframework.security.access.AccessDeniedException accessDeniedException)
			throws IOException, ServletException {
		 System.out.println("权限不足：" + accessDeniedException.getMessage());
	        response.setStatus(200);
	        response.setCharacterEncoding("UTF-8");
	        response.setContentType("application/json; charset=utf-8");
	        PrintWriter printWriter = response.getWriter();
	        response.getWriter().write("{\"result\":\"权限不足\"}");
	        printWriter.flush();
		
	}

}
